Replication: problems with synctest
Jorey Bump
list at joreybump.com
Wed Nov 14 21:56:16 EST 2007
Rich Wales wrote, at 11/14/2007 06:13 PM:
> It looks like my problem with replication not working in one direction
> was a SASL thing. One of my servers was advertising GSSAPI as an
> authentication mechanism, but it didn't really work (I don't have
> Kerberos installed on my systems). Apparently, sync_client on the
> other box was deciding to use GSSAPI, but was giving up because it
> wasn't actually functional.
>
> I fixed the problem by moving the libgss* libraries out of the SASL2
> library directory.
>
> While I was at it, I also moved the libntlm* and libotp* libraries
> out of the SASL2 library directory, since I'm not using either of
> these authentication methods either.
>
> I'm mildly concerned that a future software upgrade might cause these
> libraries to reappear. Is there a more reliable way to disable SASL
> authentication mechanisms, other than removing files from the library
> directory?
I don't use replication, but for normal authentication, I'm able to
specify which mechanisms are advertised by including this in imapd.conf:
sasl_mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
Maybe this (or some variation) will also work for replication, and you
can leave the libraries in place.
More information about the Info-cyrus
mailing list